YourITDepo Page Menu

WP Platinum Blog

The tool capitalizes on a long-known issue in how FireWire can be used to read a computer’s memory

A company that makes password recovery tools has released one that can snatch passwords from a locked or sleeping Macintosh running Mac OS X Lion by plugging another computer into the Mac’s FireWire port. The attack technique is several years old and the only way to defend against it is to turn the Mac off.

Passware, which has engineering facilities in Moscow and headquarters in Mountain View, California, said its Passware Kit Forensic v11 analyzes a Mac’s live memory via FireWire. FireWire is a fast serial interface developed in the 1980s by Apple. It is also known by Sony as i.LINK and was standardized as IEEE 1394.

If a computer is turned on and has been logged into at least once, Passware’s software can extract passwords in a few minutes, even if the computer is locked or sleeping. It can even extract passwords in the Mac’s keychain password store — regardless of password strength and even if FileVault encryption is used, the company said in a news release.

The issue affects all “modern” Mac OS versions, including Snow Leopard and the latest one, Lion.

Apple officials contacted in London did not have an immediate comment.

Passware said there’s an easy defense: turn off the computer, which erases the passwords from the computer’s memory. Passware also suggested disabling the feature that automatically logs in a user when the computer is turned on, a basic security step.

The FireWire password issue has been for some time. In 2008, Uwe Hermann — a Debian developer — compiled a list of research papers from over the years summarizing issues with FireWire. Hermann wrote that if you can gain access to a computer with a FireWire port, it is possible to read or write data in the computer’s RAM.

Other defenses against the attack include simply not having a computer with a FireWire port or plugging an existing one up. If a computer has a PCMCIA or PCI card slot, however, it could still be vulnerable if a FireWire-enabled card is inserted, Hermann wrote. Another precautionary measure is to try and ensure no one gets access to your computer.

Passware’s Kit Forensic costs $995 with one year of free updates.

Originaly published on IDG News

Posted in Security on July 28th, 2011 by sky | | Comments Off on Passwords in Mac OS X can be pilfered with new tool

All Platinum Categories

All Platinum Tags

Archive for July 28th, 2011

The tool capitalizes on a long-known issue in how FireWire can be used to read a computer’s memory

A company that makes password recovery tools has released one that can snatch passwords from a locked or sleeping Macintosh running Mac OS X Lion by plugging another computer into the Mac’s FireWire port. The attack technique is several years old and the only way to defend against it is to turn the Mac off.

Passware, which has engineering facilities in Moscow and headquarters in Mountain View, California, said its Passware Kit Forensic v11 analyzes a Mac’s live memory via FireWire. FireWire is a fast serial interface developed in the 1980s by Apple. It is also known by Sony as i.LINK and was standardized as IEEE 1394.

If a computer is turned on and has been logged into at least once, Passware’s software can extract passwords in a few minutes, even if the computer is locked or sleeping. It can even extract passwords in the Mac’s keychain password store — regardless of password strength and even if FileVault encryption is used, the company said in a news release.

The issue affects all “modern” Mac OS versions, including Snow Leopard and the latest one, Lion.

Apple officials contacted in London did not have an immediate comment.

Passware said there’s an easy defense: turn off the computer, which erases the passwords from the computer’s memory. Passware also suggested disabling the feature that automatically logs in a user when the computer is turned on, a basic security step.

The FireWire password issue has been for some time. In 2008, Uwe Hermann — a Debian developer — compiled a list of research papers from over the years summarizing issues with FireWire. Hermann wrote that if you can gain access to a computer with a FireWire port, it is possible to read or write data in the computer’s RAM.

Other defenses against the attack include simply not having a computer with a FireWire port or plugging an existing one up. If a computer has a PCMCIA or PCI card slot, however, it could still be vulnerable if a FireWire-enabled card is inserted, Hermann wrote. Another precautionary measure is to try and ensure no one gets access to your computer.

Passware’s Kit Forensic costs $995 with one year of free updates.

Originaly published on IDG News

Posted in Security by sky | Comments Off on Passwords in Mac OS X can be pilfered with new tool

WP Platinum Search

Search WP Platinum:

What is Your IT Depo?

The premier local Information Technology Services Company Servicing Garrett County and surrounding areas. We handle "Everything IT" and more, for our customers. Services range from basic consumer service to Enterprise level support for your business, at fraction of the cost. Email or call us today and don't worry YourITDepo is here.